VDB
CVE-2025-47577
CVE-2025-47577
PUBLISHED
Unrestricted Upload of File with Dangerous Type vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a through 2.9.2.
EPSS 33.42% · 97.0th percentile
Risk Scores
EPSS Score
33.42%
97.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| templateinvaders | TI WooCommerce Wishlist | 0 |
Timeline
- May 19, 2025 CVE Published
- May 20, 2025 EPSS Score
- May 27, 2025 PoC Published
- May 28, 2025 PoC Published
- May 29, 2025 PoC Published
- May 29, 2025 PoC Published
- May 29, 2025 PoC Published
- May 30, 2025 PoC Published
- May 31, 2025 EPSS Score
- Jun 1, 2025 PoC Published
- Jun 2, 2025 PoC Published
- Jun 11, 2025 EPSS Score
References
- https://patchstack.com/database/Wordpress/Plugin/ti-woocommerce-wishlist/vulnerability/wordpress-ti-woocommerce-wishlist-2-9-2-arbitrary-file-upload-vulnerability?_s_id=cve vdb
- https://nvd.nist.gov/vuln/detail/CVE-2025-47577 advisory
- https://patchstack.com/database/wordpress/plugin/ti-woocommerce-wishlist/vulnerability/wordpress-ti-woocommerce-wishlist-2-9-2-arbitrary-file-upload-vulnerability?_s_id=cve url